Security Statement

This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, and Out of Band Authentication Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.

Secure Access and Verifying User Authenticity

Out-Of-Band Authentication confirms a company user’s identity using a one-time security code. The interaction occurs outside the online channel through either an automated voice call or a text message.

Individuals attempting to sign on to BeB with invalid credentials automatically enter step-up authentication and are given random, system-generated step-up information instead of going directly to the Password/Passcode page. While the individual attempting to sign on is led to think they are completing step-up validation, there is no validation happening and therefore no charge to your institution for this activity. A company’s step-up configuration determines whether an individual enters the out-of-band or token authentication during an invalid sign-on attempt.

If you have forgotten your password, you can click the Forgotten Password link to reset your password.

The initial password provided in the security letter or provided to you by the Company Administrator.The required password length is set by your organization and is subject to change. Passwords can be a combination of letters, numbers and following special characters; @ # $. They are not case sensitive.

It is important to sign off of Business eBanking since it is a secure banking application. If you do not use your keyboard within 15 minutes, the application automatically signs you out. Regardless of your keyboard use, the secure Internet connection expires after 15 minutes. You can sign off at any time by performing the following:

Secure Data Transfer

Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

Router and Firewall

Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.

Using the above technologies, your Internet banking transactions are secure.

Founded in St. Louis in 1906, Cass Commercial Bank is a member of the Federal Reserve. Serving businesses, religious institutions and other non-profits, Cass Commercial Bank is a wholly owned subsidiary of Cass Information Systems (Nasdaq: CASS), a public company with $1.6 billion in assets.